The GNU Crypto Library
Libgcrypt is a general purpose crypto library based on the code used in
GnuPG.
- Devel package for openSUSE:Factory
-
5
derived packages
- Links to openSUSE:Factory / libgcrypt
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout devel:libraries:c_c++/libgcrypt && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| _link | 0000000144 144 Bytes | |
| baselibs.conf | 0000000226 226 Bytes | |
| hwf.deny | 0000000563 563 Bytes | |
| libgcrypt-1.10.0-allow_FSM_same_state.patch | 0000000396 396 Bytes | |
| libgcrypt-1.10.0-out-of-core-handler.patch | 0000000358 358 Bytes | |
| libgcrypt-1.10.0-use-fipscheck.patch | 0000002693 2.63 KB | |
| libgcrypt-1.10.1.tar.bz2 | 0003778457 3.6 MB | |
| libgcrypt-1.10.1.tar.bz2.sig | 0000000238 238 Bytes | |
| libgcrypt-1.10.2.tar.bz2 | 0003795164 3.62 MB | |
| libgcrypt-1.10.2.tar.bz2.sig | 0000000119 119 Bytes | |
| libgcrypt-FIPS-SLI-hash-mac.patch | 0000005916 5.78 KB | |
| libgcrypt-FIPS-SLI-kdf-leylength.patch | 0000001689 1.65 KB | |
| libgcrypt-FIPS-SLI-pk.patch | 0000006706 6.55 KB | |
| libgcrypt-FIPS-rndjent_poll.patch | 0000003950 3.86 KB | |
| libgcrypt-jitterentropy-3.4.0.patch | 0000021283 20.8 KB | |
| libgcrypt.changes | 0000071369 69.7 KB | |
| libgcrypt.keyring | 0000005365 5.24 KB | |
| libgcrypt.spec | 0000007122 6.96 KB | |
| random.conf | 0000000305 305 Bytes |
Revision 165 (latest revision is 181)
Pedro Monreal Gonzalez (pmonrealgonzalez)
accepted
request 1078466
from
Pedro Monreal Gonzalez (pmonrealgonzalez)
(revision 165)
- Update to 1.10.2:
* Bug fixes:
- Fix Argon2 for the case output > 64. [rC13b5454d26]
- Fix missing HWF_PPC_ARCH_3_10 in HW feature. [rCe073f0ed44]
- Fix RSA key generation failure in forced FIPS mode. [T5919]
- Fix gcry_pk_hash_verify for explicit hash. [T6066]
- Fix a wrong result of gcry_mpi_invm. [T5970]
- Allow building with --disable-asm for HPPA. [T5976]
- Allow building with -Oz. [T6432]
- Enable the fast path to ChaCha20 only when supported. [T6384]
- Use size_t to avoid counter overflow in Keccak when directly
feeding more than 4GiB. [T6217]
* Other:
- Do not use secure memory for a DRBG instance. [T5933]
- Do not allow PKCS#1.5 padding for encryption in FIPS mode. [T5918]
- Fix the behaviour for child process re-seeding in the DRBG. [rC019a40c990]
- Allow verification of small RSA signatures in FIPS mode. [T5975]
- Allow the use of a shorter salt for KDFs in FIPS mode. [T6039]
- Run digest+sign self tests for RSA and ECC in FIPS mode. [rC06c9350165]
- Add function-name based FIPS indicator function.
GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION. This is not considered
an ABI changes because the new FIPS features were not yet
approved. [rC822ee57f07]
- Improve PCT in FIPS mode. [rC285bf54b1a, rC4963c127ae, T6397]
- Use getrandom (GRND_RANDOM) in FIPS mode. [rCcf10c74bd9]
- Disable RSA-OAEP padding in FIPS mode. [rCe5bfda492a]
- Check minimum allowed key size in PBKDF in FIPS mode. [T6039,T6219]
- Get maximum 32B of entropy at once in FIPS mode. [rCce0df08bba]
- Prefer gpgrt-config when available. [T5034]
- Mark AESWRAP as approved FIPS algorithm. [T5512]
Comments 1
When updating to future version like 1.10.x , remember to change --enable-random=linux to --enable-random=getentropy and drop/review all the rng or random* patches. It is also wise to disable the jitterentropy stuff as the linux kernel already has its own jitter-based entropy mixed into the kernel random pools.